package com.example.demo.config;

import com.example.demo.module.filter.JWTAuthorizationFilter;
import com.example.demo.service.jwt.JwtUserSecurityService;
import org.apache.tomcat.util.net.openssl.ciphers.Authentication;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;


@Configuration//指定为配置类
@EnableWebSecurity//指定为Spring Security配置类
@EnableGlobalMethodSecurity(prePostEnabled = true) // 启用方法安全设置
public class WebSecurityConfigJwt extends WebSecurityConfigurerAdapter {
    @Autowired
    private AuthenticationSuccessHandler jwtAuthenticationSuccessHandler;
    @Autowired
    private AuthenticationFailureHandler jwtAuthenticationFailureHandler;
    //装载BCrypt密码编辑器
    @Bean
    public PasswordEncoder passwordEncoder3(){
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception{
        http.antMatcher("/jwt/**").
                //指定登录认证的Controller
        formLogin().usernameParameter("name").passwordParameter("pwd").loginPage("/jwt/login").successHandler(jwtAuthenticationSuccessHandler).failureHandler(jwtAuthenticationFailureHandler).
                and().authorizeRequests()
                //登陆相关
                .antMatchers("/register/mobile").permitAll()
                .antMatchers("/article/**").authenticated()
                .antMatchers("/jwt/tasks/**").hasRole("USER")
                .and()
                .addFilter(new JWTAuthorizationFilter(authenticationManager()));
        http.logout().permitAll();


        //JWT配置
       // http.antMatcher("/article/**").addFilter(new JWTAuthorizationFilter(authenticationManager()));
        http.cors().and().csrf().ignoringAntMatchers("/jwt/**");
    }
    @Bean
    UserDetailsService JwtUserSecurityService(){
        return new JwtUserSecurityService();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception{auth.userDetailsService(JwtUserSecurityService()).passwordEncoder(new BCryptPasswordEncoder(){

    });
    }

}
